Near field communication or NFC-enabled devices are becoming increasingly popular and “contactless” smartcards allow for quick and simple transactions to take place.
Passive NFC operates according to magnetic induction. A NFC device reader emits a small electric current which creates a magnetic field. When a NFC-enabled device is in range of that field, a coil in the NFC-enabled device converts the detected magnetic field to an electrical signal to enable the communication of data. The NFC-enabled device makes use of the energy from the reader to enable the transaction to take place. Alternatively, active NFC devices incorporate their own power source.
For example, “Oyster” cards are frequently used to travel on public transport in London. An Oyster card user simply holds the card up to a dedicated card reader and, when within the required range (approximately 80 mm), an electromagnetic field of the reader activates a radio-frequency identification (RFID) system of the card and allows data to be read from it. The system is configured to provide encryption such that only readers that have been configured to do so can read specified information from the cards.
Similar technology has been implemented to enable financial payments, allowing a user to present a payment card such as a credit or debit card to a specially configured card reader to enable a financial transaction to take place. Again, a card is provided with an RFID system having an embedded chip and antenna enable. When a user brings their card near enough to a reader, the payment is made. Generally speaking, no signature or PIN verification is needed, meaning that transactions can take place faster than the more traditional chip-and-pin payments.
Although it is clearly desirable for transactions, be they financial or otherwise, to be able to occur quickly, security of data is still a concern. Whilst card/reader systems can be provided with a level of security and/or encryption, this is out of the card holder's control. In principle a user could pass near an unauthorised card reader and inadvertently have information read/payment taken from the card. There is therefore a need for an additional level of security, controllable by the user. Additionally, as more and more transactions are being conducted in a contactless manner, there is a need for a system that can help a user better manage the data that is needed to partake in those interactions.
Aspects and embodiments of the present invention have been devised with the foregoing in mind.